Several Vulnerabilities Discovered in Vmware Products
According to computer security company iDefense, several security flaws have been discovered in various VMware products. These flaws could potentially be exploited by both local and remote attackers to bypass security, compromise a vulnerable PC and launch denial of service attack.
The first flaw could allow attacker to inject an arbitrary program into any virtual environment while the VMware program asks to indicate the directory containing shared library applications. The vmware-authd function of the software gives the attacker root privilege to conduct this transaction. The products containing this flaw include VMware GSX Server Version 220.127.116.1197 for Linux, VMware Workstation Version 18.104.22.168824 for Linux, and VMware ESX Server 22.214.171.124039.
VMware has, however, patched ...
» SPAMfighter News - 17-06-2008